Hello Users, We've a big cluster (Quincy) with almost 1.7 billion RGW objects, and we've enabled SSE on as per https://docs.ceph.com/en/quincy/radosgw/encryption/#automatic-encryption-for-testing-only (yes, we've chosen this insecure method to store the key) We're now in the process of implementing RGW multisite, but stuck due to https://tracker.ceph.com/issues/46062 and list at https://lists.ceph.io/hyperkitty/list/ceph-users@xxxxxxx/thread/PQW66JJ5DCRTH5XFGTRESF3XXTOSIWFF/#43RHLUVFYNSDLZPXXPZSSXEDX34KWGJX Was wondering if there is a way to decrypt the objects in-place with the applied symmetric key. I tried to remove the rgw_crypt_default_encryption_key from the mon configuration database (on a test cluster), but as expected, RGW daemons throw 500 server errors as it can not work on encrypted objects. There is a PR being worked on about introducing the command option at https://github.com/ceph/ceph/pull/51842 but it appears it takes some time to be merged. Cheers, Jayanth Reddy _______________________________________________ ceph-users mailing list -- ceph-users@xxxxxxx To unsubscribe send an email to ceph-users-leave@xxxxxxx
 |